2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afs/param.h>
22 osi_rwlock_t cm_userLock;
24 cm_user_t *cm_rootUserp;
26 void cm_InitUser(void)
28 static osi_once_t once;
30 if (osi_Once(&once)) {
31 lock_InitializeRWLock(&cm_userLock, "cm_userLock");
35 cm_rootUserp = cm_NewUser();
38 cm_user_t *cm_NewUser(void)
42 userp = malloc(sizeof(*userp));
43 memset(userp, 0, sizeof(*userp));
45 lock_InitializeMutex(&userp->mx, "cm_user_t");
49 /* must be called with locked userp */
50 cm_ucell_t *cm_GetUCell(cm_user_t *userp, cm_cell_t *cellp)
54 lock_AssertMutex(&userp->mx);
55 for (ucp = userp->cellInfop; ucp; ucp=ucp->nextp) {
56 if (ucp->cellp == cellp)
61 ucp = malloc(sizeof(*ucp));
62 memset(ucp, 0, sizeof(*ucp));
63 ucp->nextp = userp->cellInfop;
65 ucp->iterator = userp->cellInfop->iterator + 1;
68 userp->cellInfop = ucp;
75 cm_ucell_t *cm_FindUCell(cm_user_t *userp, int iterator)
81 lock_AssertMutex(&userp->mx);
82 for (ucp = userp->cellInfop; ucp; ucp = ucp->nextp) {
83 if (ucp->iterator >= iterator)
91 void cm_HoldUser(cm_user_t *up)
93 lock_ObtainWrite(&cm_userLock);
95 lock_ReleaseWrite(&cm_userLock);
98 void cm_ReleaseUser(cm_user_t *userp)
106 lock_ObtainWrite(&cm_userLock);
107 osi_assert(userp->refCount-- > 0);
108 if (userp->refCount == 0) {
109 lock_FinalizeMutex(&userp->mx);
110 for (ucp = userp->cellInfop; ucp; ucp = ncp) {
118 lock_ReleaseWrite(&cm_userLock);
122 void cm_HoldUserVCRef(cm_user_t *userp)
124 lock_ObtainMutex(&userp->mx);
126 lock_ReleaseMutex(&userp->mx);
129 /* release the count of the # of connections that use this user structure.
130 * When this hits zero, we know we won't be getting any new requests from
131 * this user, and thus we can start GC'ing connections. Ref count on user
132 * won't hit zero until all cm_conn_t's have been GC'd, since they hold
133 * refCount references to userp.
135 void cm_ReleaseUserVCRef(cm_user_t *userp)
137 lock_ObtainMutex(&userp->mx);
138 osi_assert(userp->vcRefs-- > 0);
139 lock_ReleaseMutex(&userp->mx);
144 * Check if any users' tokens have expired and if they have then do the
145 * equivalent of unlogging the user for that particular cell for which
146 * the tokens have expired.
147 * ref. cm_IoctlDelToken() in cm_ioctl.c
148 * This routine is called by the cm_Daemon() ie. the periodic daemon.
149 * every cm_daemonTokenCheckInterval seconds
151 void cm_CheckTokenCache(time_t now)
153 extern smb_vc_t *smb_allVCsp; /* global vcp list */
156 cm_user_t *userp = NULL;
161 * For every vcp, get the user and check his tokens
163 lock_ObtainWrite(&smb_rctLock);
164 for (vcp=smb_allVCsp; vcp; vcp=vcp->nextp) {
165 for (usersp=vcp->usersp; usersp; usersp=usersp->nextp) {
167 if ((userp=usersp->unp->userp)==0)
171 lock_ObtainMutex(&userp->mx);
172 for (ucellp=userp->cellInfop; ucellp; ucellp=ucellp->nextp) {
173 if (ucellp->flags & CM_UCELLFLAG_RXKAD) {
174 if (ucellp->expirationTime < now) {
175 /* this guy's tokens have expired */
176 osi_Log3(afsd_logp, "cm_CheckTokens: Tokens for user:%s have expired expiration time:0x%x ucellp:%x",
177 ucellp->userName, ucellp->expirationTime, ucellp);
178 if (ucellp->ticketp) {
179 free(ucellp->ticketp);
180 ucellp->ticketp = NULL;
182 ucellp->flags &= ~CM_UCELLFLAG_RXKAD;
188 lock_ReleaseMutex(&userp->mx);
191 cm_ResetACLCache(userp);
195 lock_ReleaseWrite(&smb_rctLock);
198 #ifdef USE_ROOT_TOKENS
200 * Service/Parameters/RootTokens/<cellname>/
202 * -> Keytab (required if UseLSA is 0)
203 * -> Principal (required if there is more than one principal in the keytab)
204 * -> Realm (required if realm is not upper-case of <cellname>
205 * -> RequireEncryption
209 cm_RefreshRootTokens(void)